michael
2024-12-24 12:14:53 +01:00
parent 53e818186a
commit 4d74d0c522
3 changed files with 15 additions and 6 deletions


@@ -114,7 +114,15 @@ bool ClassFlowMQTT::ReadParameter(FILE* pfile, string& aktparamgraph)
}
if ((toUpper(_param) == "VALIDATESERVERCERT") && (splitted.size() > 1))
{
validateServerCert = alphanumericToBoolean(splitted[1]);
bool _validateServerCert = alphanumericToBoolean(splitted[1]);
if (_validateServerCert == true)
{
validateServerCert = false;
}
else
{
validateServerCert = true;
}
}
if ((toUpper(_param) == "CLIENTCERT") && (splitted.size() > 1))
{
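Review bot: The new branch under `VALIDATESERVERCERT` stores the opposite of the configured value (`true` sets `validateServerCert = false`), which contradicts the parameter documentation changed in this same commit, where `enabled (true)` means the server certificate's CN is checked against the URI. Unless the code that consumes `validateServerCert` (outside this hunk) was inverted as well, a user who enables validation ends up with a TLS connection that skips the CN check, which is the MITM exposure the documentation warns about for public brokers. If the inversion is intended, write it as one line with the reason, `validateServerCert = !alphanumericToBoolean(splitted[1]); // stored inverted on purpose`, or better rename the member so its name matches what it holds; otherwise keep the original direct assignment. `ReadParameter` begins and ends outside the hunk, so the value used when the parameter is absent is not visible here and should be confirmed to mean "validate".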


@@ -7,11 +7,12 @@ Default Value: `true`
Enable or disable the validation of the server certificate.
If `enabled (true)`, the certificate sent by the server is validated using the configured [Root CA Certificate file](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-cacert).\
The server name in [uri](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-uri) is compared with the CN field of the server certificate. A connection will be only established if these match.\
If `enabled (true)`, the certificate sent by the server is validated using the configured [Root CA Certificate file](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-cacert).<br>
The server name in [uri](https://jomjol.github.io/AI-on-the-edge-device-docs/Parameters/#parameter-uri) is compared with the CN field of the server certificate.<br>
A connection will be only established if these match.<br>
It ensures the origin of the server.
If `disabled (false)`, only the validity of the certificate (e.g. expiry) is checked, not the origin (CN field).\
If `disabled (false)`, only the validity of the certificate (e.g. expiry) is checked, not the origin (CN field).<br>
If you use public brokers, make sure to set this parameter to "enabled", to avoid potential MITM-Attacks!
!!! Note


@@ -2366,7 +2366,7 @@ function UpdateInput() {
WriteParameter(param, category, "MQTT", "CACert", true);
WriteParameter(param, category, "MQTT", "ClientCert", true);
WriteParameter(param, category, "MQTT", "ClientKey", true);
WriteParameter(param, category, "MQTT", "ValidateServerCert", false);
WriteParameter(param, category, "MQTT", "ValidateServerCert", true);
WriteParameter(param, category, "MQTT", "DomoticzTopicIn", true);
WriteParameter(param, category, "InfluxDB", "Uri", true);
@@ -2535,7 +2535,7 @@ function ReadParameterAll() {
ReadParameter(param, "MQTT", "CACert", true);
ReadParameter(param, "MQTT", "ClientCert", true);
ReadParameter(param, "MQTT", "ClientKey", true);
ReadParameter(param, "MQTT", "ValidateServerCert", false);
ReadParameter(param, "MQTT", "ValidateServerCert", true);
ReadParameter(param, "MQTT", "DomoticzTopicIn", true);
ReadParameter(param, "InfluxDB", "Uri", true);
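Review bot: The last argument for `ValidateServerCert` changes from `false` to `true` in both `UpdateInput()` and `ReadParameterAll()`, and nothing in the hunks says what that flag means; judging by the sibling `CACert`/`ClientCert`/`ClientKey` lines it presumably marks the parameter as optional, but the definitions of `WriteParameter`/`ReadParameter` are outside the hunks. If that reading is right, the parameter can now be left out of the configuration, and the firmware then falls back to whatever `validateServerCert` is initialised to, so that default should be confirmed to match the documented `Default Value: true` (validation on). A short comment next to both lines would help, e.g. `// optional: when disabled, the firmware default applies (validation on)`. Both functions start and end outside the hunks.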